

from google.appengine.api import users
from google.appengine.ext import webapp
from dao.DAOQuanLyNhanVien import DaoQuanLyNhanVien


def permission_required(handler_method):

    def check_permission(self, *args):
#        if self.request.method != 'GET':
#            raise webapp.Error('The check_login decorator can only be used for GET '
#                         'requests')
        user = users.get_current_user()
        if not user:
            self.redirect(users.create_login_url(self.request.uri))
            return
        nv = DaoQuanLyNhanVien.getNhanVienByUsername(user.nickname())
        if not nv:
            self.redirect('/error/')
        else:
            lstPriv = DaoQuanLyNhanVien.getListStaffPriviledge(nv.key().id())
            if lstPriv.has_key(self.perm) or user.nickname() == 'nmhung89':
                self.priv = lstPriv[self.perm]
                handler_method(self, *args)
            else:
                self.redirect('/error/')
    return check_permission

